Hacker's Work Plagues PCs Two Years After Arrest

Named the worst worm of 2004 by some anti-virus firms, the Netsky worm is still the No. 1 reported virus in the world, according to Sophos. Its 18-year-old creator, meanwhile, got off lightly with a suspended sentence and 30 hours of community service.

Two years after the arrest of a noted hacker, his creation remains at the top of the virus charts, a security company said Wednesday, proving just how long an Internet affliction can last.

Netsky -- named by some anti-virus firms as the worst worm of 2004 -- holds down the top spot on U.K.-based Sophos' malware chart two years after its author was nabbed.

"Jaschan's Netsky.p worm is still the number one reported virus in the world," said Graham Cluley, senior technology consultant for Sophos, in a statement. "Every anti-virus program, even the crummiest ones, can detect the Netsky worm, and have been able to for years.

"This tells us that there are still many people out there who aren't using any anti-virus software at all, but are busy passing on an old pox to others."

According to Sophos' count, Netsky.p accounted for 18.5 percent of all malware the firm tracked last month. Another Jaschan creation, Netsky.d, added 3.9 percent. The second- and third-place worms, non-Jaschan creations Zafi.b and Nyxem.d, made up 16.9 percent and 8.5 percent of April's malware, respectively.

"It's Pandora's Box," added Cluley. "Viruses and worms, once released, can never be put back, regardless of whether their creator is punished or regrets his or her actions.

In 2005, Jaschan was given a suspended sentence and ordered to serve 30 hours of community service. A poll taken shortly after that by Sophos found that nearly 8 out of 10 PC users thought the punishment was too lenient.

"The malware Jaschan released is likely to continue spreading for years to come," Cluley said.

Sasser, which struck hard at computers worldwide, debuted at the end of April 2004, but within a week had trailed off. Netsky.p, on the other hand, first appeared March 21, 2004, but has had a much longer shelf life.

As InformationWeek Government readers were busy firming up their fiscal year 2015 budgets, we asked them to rate more than 30 IT initiatives in terms of importance and current leadership focus. No surprise, among more than 30 options, security is No. 1. After that, things get less predictable.